﻿<?php
include_once('conn.php');
class loginInfo
{
	public $userid=0;
	public $username="";
	public $success=false;
	public $msg="";
}

$info=new loginInfo;

if(!isset($_POST['username']) or !isset($_POST['password'])){
	$info->msg="非法访问";
	echo json_encode($info);
	die("");
}


$username = htmlspecialchars($_POST['username']);
$password = MD5($_POST['password']);
$info->username=$username;

$Sql=$Sql.' where username=\''.$username.'\' and password=\''.$password.'\'';
//echo $Sql;

if(!mysql_select_db($Default_db,$conn))
{
	$info->msg="不能连接数据库".mysql_error();
	echo json_encode($info);
	die("");
}
$res=mysql_query($Sql,$conn)or die("$".mysql_error()); ;
$row=mysql_fetch_array($res);
if(!$row) {
	$info->msg="用户名或密码错误！";
	include_once('logout.php');
	echo json_encode($info);
	die("");
}
else 
{
	session_start();
	setcookie("session",md5($row['id'].$row['username'].$row['password']),time()+3600*24,'/');
	setcookie("userid",$row['id'],time()+3600*24,'/');
	setcookie("username",$row['username'],time()+3600*24,'/');
	$_SESSION["dir"]='.\\idedata\\'.$username;
	$info->success=true;
	$info->userid=$row['id'];
	$info->msg="登陆成功，欢迎用户".$row['username'];
	echo json_encode($info);
	exit();
}

?>

